Correctly handle Vec with zero capacity in from_vec (#332)

* ci: Fix running fuzz. * from_vec: early return if capacity zero When the capacity of the vec it zero, there might not have been any memory allocated for it, thus the pointer obtained by `as_mut_ptr` may dangle. --------- Co-authored-by: Bruce Mitchener <bruce.mitchener@gmail.com>
servo · Jan 13, 2024 · 944f603 · 944f603
1 parent b955ac6
commit 944f603
Show file tree

Hide file tree

Showing 4 changed files with 18 additions and 9 deletions.
diff --git a/.github/workflows/main.yml b/.github/workflows/main.yml
@@ -15,16 +15,14 @@ jobs:
         toolchain: ["stable", "beta", "nightly", "1.57.0"]
         include:
           - toolchain: stable
-            env:
-              DO_FUZZ: 1
+            fuzz: 1
           - toolchain: beta
-            env:
-              DO_FUZZ: 1
+            fuzz: 1
     steps:
       - uses: actions/checkout@v4
 
-      - name: Install packages
-        if: matrix.os == 'ubuntu-latest'
+      - name: Install packages for fuzzing
+        if: runner.os == 'Linux' && matrix.fuzz == 1
         run: sudo apt-get update -y && sudo apt-get install -y binutils-dev libunwind8-dev libcurl4-openssl-dev libelf-dev libdw-dev cmake gcc libiberty-dev
 
       - name: Install toolchain
@@ -60,9 +58,9 @@ jobs:
           MIRIFLAGS: '-Zmiri-tag-raw-pointers'
 
       - name: fuzz
-        if: env.DO_FUZZ == '1'
+        if: matrix.fuzz == 1
         working-directory: fuzz
-        run: ./travis_fuzz.sh
+        run: ./travis-fuzz.sh
 
   no-std:
     name: no_std

diff --git a/fuzz/travis-fuzz.sh b/fuzz/travis-fuzz.sh
@@ -1,6 +1,6 @@
 #!/bin/bash
 set -e
-cargo install --force honggfuzz --version 0.5.47
+cargo install --force honggfuzz --version "^0.5.47"
 for TARGET in fuzz_targets/*; do
     FILENAME=$(basename $TARGET)
 	FILE="${FILENAME%.*}"

diff --git a/src/lib.rs b/src/lib.rs
@@ -524,6 +524,10 @@ impl<T, const N: usize> SmallVec<T, N> {
 
     #[inline]
     pub fn from_vec(vec: Vec<T>) -> Self {
+        if vec.capacity() == 0 {
+            return Self::new();
+        }
+
         if Self::is_zst() {
             // "Move" elements to stack buffer. They're ZST so we don't actually have to do
             // anything. Just make sure they're not dropped.

diff --git a/src/tests.rs b/src/tests.rs
@@ -717,6 +717,13 @@ fn shrink_to_fit_unspill() {
     assert!(!vec.spilled(), "shrink_to_fit will un-spill if possible");
 }
 
+#[test]
+fn shrink_after_from_empty_vec() {
+    let mut v = SmallVec::<u8, 2>::from_vec(vec![]);
+    v.shrink_to_fit();
+    assert!(!v.spilled())
+}
+
 #[test]
 fn test_into_vec() {
     let vec = SmallVec::<u8, 2>::from_iter(0..2);